1 Answer
1

As mentioned in Section 3, DTLS is intentionally very similar to TLS.
Therefore, instead of presenting DTLS as a new protocol, we present
it as a series of deltas from TLS 1.1 [TLS11]. Where we do not
explicitly call out differences, DTLS is the same as in [TLS11].

That's reasonably explicit: anything which is not described in RFC 4347, must be done as it is done in TLS 1.1. TLS 1.1 explicitly rejects support of "export" cipher suites, so DTLS does not support them either.

The RFC is like the US Supreme Court: it recognizes no power above itself. There is no "reference implementation" which would define what is supported and what is not. So there is nothing to "confirm", in a legalistic way. A weaker but more practical notion of "support" is interoperability: do existing implementations of DTLS try to support the so-called "export" cipher suites ? It seems that OpenSSLdoes support it:

However, there is very little reason to use these cipher suites nowadays; they were meant to comply to US export regulations (hence the name), and the restrictions on key size have been mostly lifted a dozen years ago. No SSL/TLS implementation enables them by default, and servers which are actually configured to accept them should be exceedingly rare. If you are implementing your own DTLS code, you would not be blamed for omitting them, especially since the wording of the RFC implies that they are forbidden.